10 matches found
CVE-2024-4793
The CVE-2024-4793 entry corresponds to Campcodes Online Laundry Management System 1.0, where an SQL injection is triggered by manipulating the id parameter in /manage_laundry.php. Affected function/filename is unspecified beyond that file and vulnerability is remote-accessible. The exploit has be...
CVE-2024-4795
The CVE-2024-4795 issue affects Campcodes Online Laundry Management System 1.0, with a vulnerability in /manage_user.php where manipulating the id argument leads to an SQL injection. The problem is described as allowing remote exploitation and has been publicly disclosed. Connected sources consis...
CVE-2024-4819
Campcodes Online Laundry Management System 1.0 contains an improper authorization vulnerability in an unknown function of admin_class.php. The issue arises from manipulating the argument type with the input 1, enabling a remote attack. Public disclosure of the exploit is noted in the sources. The...
CVE-2024-4792
CVE-2024-4792 affects Campcodes Online Laundry Management System 1.0. The vulnerability is a SQL injection in /admin_class.php arising from manipulating parameters such as id/delete_category/delete_inv/delete_laundry/delete_supply/delete_user/login/save_inv/save_user. It can be triggered remotely...
CVE-2024-4817
CVE-2024-4817 affects Campcodes Online Laundry Management System v1.0, in the HTTP Request Parameter Handler (manage_user.php). The issue is an improper control of resource identifiers caused by unsafely handling the non-validated id parameter, enabling remote exploitation. Publicly disclosed exp...
CVE-2024-4818
CVE-2024-4818 affects Campcodes Online Laundry Management System 1.0. A vulnerability in the /index.php? page parameter enables (remote) file inclusion via manipulation of the page argument. This is a network-accessible path with no authentication required; the impact wording in sources cites pos...
CVE-2024-4794
CVE-2024-4794 affects Campcodes Online Laundry Management System 1.0. Affected is the /manage_receiving.php file where altering the id parameter enables SQL injection. The vulnerability can be exploited remotely and the exploit has been disclosed publicly (VDB-263893). Multiple sources confirm a ...
CVE-2024-4797
The CVE-2024-4797 affects Campcodes Online Laundry Management System 1.0. The vulnerability resides in the /ajax.php endpoint where the arguments name/customer_name/username can be manipulated to trigger cross-site scripting. Exploitation can be performed remotely, and public exploitation informa...
CVE-2024-4796
CVE-2024-4796 affects Campcodes Online Laundry Management System 1.0. A vulnerability in the /manage_inv.php file’s id parameter enables SQL injection. The issue is exploitable remotely and an exploit has been publicly disclosed (VDB-263895). Multiple sources (NVD/NVD-derived records, CVE lists) ...
CVE-2025-10426
The CVE-2025-10426 entry concerns itsourcecode Online Laundry Management System 1.0. A SQL injection vulnerability exists in an unknown function of the file /login.php triggered by manipulating the Username argument. The issue is exploitable remotely and exploitation has been publicly released. R...